CompTIA SY0-401 Dumps and Practice Tests with Real Questions


WTF! The SY0-401 questions were exactly the same in the real test that I took.




SY0-401 - CompTIA Security+ - Dump Information

Vendor : CompTIA
Exam Code : SY0-401
Exam Name : CompTIA Security+
Questions and Answers : 1776 Q & A
Updated On : October 24, 2017


Found the SY0-401 actual question source.

I didn't plan to use any brain dumps for my IT certification exams, but being under pressure from the difficulty of the SY0-401 exam, I ordered this bundle. I was impressed by the quality of these materials; they are absolutely worth the money, and I believe that they could cost more, this is how great they are! I didn't have any trouble while taking my exam thanks to bigdiscountsales. I simply knew all the questions and answers! I got 97% with only a few weeks of exam preparation, besides having some work experience, which was certainly helpful, too. So yes, bigdiscountsales is really good and highly recommended.

Great to hear that real test questions of the SY0-401 exam are provided here.

I am very happy with this package deal as I got over 96% on this SY0-401 exam. I read the official SY0-401 manual a little, but I guess bigdiscountsales was my main training resource. I memorized most of the questions and answers, and also invested the time to really understand the scenarios and the tech/practice oriented parts of the exam. I assume that by itself purchasing the bigdiscountsales bundle does not guarantee that you'll pass your exam - and a few tests are really tough. Yet, if you study their materials hard and really put your mind and your heart into your exam preparation, then bigdiscountsales definitely beats any other exam prep options available out there.

Just use this real question bank and success is yours.

I was looking to get ready for my SY0-401 test that was around the corner, and I found myself lost in the books and wandering far away from the actual point. I didn't understand a single word and that was really concerning because I had to prepare as soon as possible. Giving up on my books I decided to register myself with bigdiscountsales and that was the best decision. I cruised through my SY0-401 test and was able to get a respectable score, so thanks very much.

What are benefits of SY0-401 certification?

I missed a couple of questions only because I went blank and didn't recollect the answer given in the unit; however, since I got the rest right, I passed and solved 43/50 questions. So my recommendation is to learn everything I got from the bigdiscountsales Q&A - this is everything I needed to pass. I passed this exam because of bigdiscountsales. This pack is 100% faithful; a huge portion of the questions were identical to what I got on the SY0-401 exam.

That was brilliant! I got braindumps of the SY0-401 exam.

bigdiscountsales is an accurate indicator of a student's and customer's ability to work and study for the SY0-401 exam. It is a correct indication of their potential, in particular with tests taken shortly before starting their academic study for the SY0-401 exam. bigdiscountsales offers a reliable update. The SY0-401 tests provide a thorough picture of candidates' potential and capabilities.

What is needed to study for SY0-401 exam?

To start with I need to say thanks to you people. I've cleared the SY0-401 exam by subscribing to your study materials. So I wanted to share my success on your website. Thanks once more. Thanks very much for your great help. I have cleared my SY0-401 with 90%.

Do a smart move, prepare these SY0-401 Questions and Answers.

I had appeared for the SY0-401 exam last year, but failed. It seemed very hard to me because of the SY0-401 topics. They were really unmanageable till I found the questions & answers study guide by bigdiscountsales. This is the best guide I have ever purchased for my exam preparations. The way it handled the SY0-401 materials was superb and even a slow learner like me could handle it. Passed with 89% marks and felt on top of the world. Thanks bigdiscountsales!

Get value pack of knowledge to prepare SY0-401 exam.

Some good guys can't bring a change to the world's way, but they can only tell you whether or not you were the only man who knew a way to do that, and I need to be recognised in this world and make my own mark, and I have been so lame my whole way, but I know now that I wanted to get a pass in my SY0-401 and this can make me famous maybe, and sure I'm short of glory, but passing my A+ exams with bigdiscountsales became my morning and night glory.

Did you try this great source of the latest Braindumps?

I spent enough time studying these materials and passed the SY0-401 exam. The stuff is good, and while those are braindumps, meaning these materials are built on the real exam stuff, I don't understand folks who try to complain about the SY0-401 questions being different. In my case, not all questions were 100% the same, but the topics and general approach were really accurate. So, buddies, if you study hard enough you'll do just fine.

What is the pass ratio of the SY0-401 exam?

After some weeks of SY0-401 preparation with this bigdiscountsales set, I passed the SY0-401 exam. I must admit, I'm relieved to leave it behind, yet glad that I found bigdiscountsales to help me get through this exam. The questions and answers they include in the package are accurate. The answers are right, and the questions were taken from the actual SY0-401 exam, and I got them while taking the exam. It made things a lot simpler, and I got a score rather higher than I had hoped for.


SY0-401 Questions and Answers

QUESTION: 262

An organization receives an email that provides instructions on how to protect a system from being a target of new malware that is rapidly infecting systems. The incident response team investigates the notification, determines it to be invalid and notifies users to disregard the email. Which of the following BEST describes this occurrence?

  A. Phishing
  B. Scareware
  C. SPAM
  D. Hoax

Answer: D


QUESTION: 263

During an office move a server containing the employee information database will be shut down and transported to a new location. Which of the following would BEST ensure the availability of the employee database should something happen to the server during the move?

  A. The contents of the database should be encrypted; the encryption key should be stored off-site
  B. A hash of the database should be taken and stored on an external drive prior to the move
  C. The database should be placed on a drive that consists of a RAID array prior to the move
  D. A backup of the database should be stored on an external hard drive prior to the move

Answer: D


QUESTION: 264

Which of the following is primarily used to provide fault tolerance at the application level? (Select TWO)

  A. Load balancing
  B. RAID array
  C. RAID 6
  D. Server clustering
  E. JBOD array

QUESTION: 265

A security administrator needs to implement a technology that creates a secure key exchange. Neither party involved in the key exchange will have pre-existing knowledge of one another. Which of the following technologies would allow for this?

  A. Blowfish
  B. NTLM
  C. Diffie-Hellman
  D. CHAP

Answer: C


QUESTION: 266

A portable data storage device has been determined to have malicious firmware. Which of the following is the BEST course of action to ensure data confidentiality?

  A. Format the device
  B. Re-image the device
  C. Perform a virus scan on the device
  D. Physically destroy the device

Answer: C


QUESTION: 267

Ann, a security administrator, has been instructed to perform fuzz-based testing on the company's applications. Which of the following BEST describes what she will do?

  A. Enter random or invalid data into the application in an attempt to cause it to fault
  B. Work with the developers to eliminate horizontal privilege escalation opportunities
  C. Test the applications for the existence of built-in back doors left by the developers
  D. Hash the application to verify it won't cause a false positive on the HIPS

QUESTION: 268

A malicious attacker has intercepted HTTP traffic and inserted an ASCII line that sets the referrer URL. Which of the following is the attacker MOST likely utilizing?

  A. Header manipulation
  B. Cookie hijacking
  C. Cross-site scripting
  D. XML injection

Answer: D


QUESTION: 269

A user attempts to install a new and relatively unknown software program recommended by a colleague. The user is unable to install the program, despite having successfully installed other programs previously. Which of the following is MOST likely the cause of the user's inability to complete the installation?

  A. Application blacklisting
  B. Network Intrusion Prevention System
  C. Group Policy
  D. Application whitelisting

Answer: A


QUESTION: 270

A company has recently identified critical systems that support business operations. Which of the following will, once defined, be the requirement for restoration of these systems within a certain period of time?

  A. Mean Time Between Failure
  B. Mean Time to Restore
  C. Recovery Point Objective
  D. Recovery Time Objective

Answer: A

QUESTION: 271

A network manager needs a cost-effective solution to allow for the restoration of information with an RPO of 24 hours. The disaster recovery plan also requires that backups occur within a restricted timeframe during the week and be taken offsite weekly. Which of the following should the manager choose to BEST address these requirements?

  A. Daily incremental backup to tape
  B. Disk-to-disk hourly server snapshots
  C. Replication of the environment at a hot site
  D. Daily differential backup to tape
  E. Daily full backup to tape

Answer: A


QUESTION: 272

While reviewing the security controls in place for a web-based application, a security controls assessor notices that there are no password strength requirements in place. Because of this vulnerability, passwords might be easily discovered using a brute force attack. Which of the following password requirements will MOST effectively improve the security posture of the application against these attacks? (Select TWO)

  A. Minimum complexity
  B. Maximum age limit
  C. Maximum length
  D. Minimum length
  E. Minimum age limit
  F. Minimum re-use limit

Answer: D, F


QUESTION: 273

A security administrator implements a web server that utilizes an algorithm that requires other hashing standards to provide data integrity. Which of the following algorithms would meet the requirement?

  A. SHA
  B. MD5
  C. RIPEMD
  D. HMAC

QUESTION: 274

A technician has installed new vulnerability scanner software on a server that is joined to the company domain. The vulnerability scanner is able to provide visibility of the patch posture of all of the company's clients. Which of the following is being used?

  A. Gray box vulnerability testing
  B. Passive scan
  C. Credentialed scan
  D. Bypassing security controls

Answer: A


QUESTION: 275

A global gaming console manufacturer is launching a new gaming platform to its customers. Which of the following controls reduces the risk created by malicious gaming customers attempting to circumvent controls by way of modifying consoles? (Select TWO)

  A. Firmware version control
  B. Manual software upgrades
  C. Vulnerability scanning
  D. Automatic updates
  E. Network segmentation
  F. Application firewalls

Answer: A, D


QUESTION: 276

A company is deploying a new VoIP phone system. They require 99.999% uptime for their phone service and are concerned about their existing data network interfering with the VoIP phone system. The core switches in the existing data network are almost fully saturated. Which of the following options will provide the best performance and availability for both the VoIP traffic and the traffic on the existing data network?

  A. Put the VoIP network into a different VLAN than the existing data network
  B. Upgrade the edge switches from 10/100/1000 to improve network speed
  C. Physically separate the VoIP phones from the data network

Answer: A


CompTIA SY0-401 Exam (CompTIA Security+) Detailed Information

SY0-401 - CompTIA Security+


SY0-401 Test Objectives


CompTIA Security+
Certification Exam Objectives

EXAM NUMBER: SY0-401

About the Exam
The CompTIA Security+ certification is a vendor-neutral, internationally recognized credential used by organizations and security professionals around the globe to validate foundation-level security skills and knowledge. Candidates are encouraged to use this document to help prepare for CompTIA Security+ SY0-401, which measures necessary skills for IT security professionals. Successful candidates will have the knowledge required to:
  • Identify risk
  • Participate in risk mitigation activities
  • Provide infrastructure, application, information and operational security
  • Apply security controls to maintain confidentiality, integrity and availability
  • Identify appropriate technologies and products
  • Troubleshoot security events and incidents
  • Operate with an awareness of applicable policies, laws and regulations

These content examples are meant to clarify the test objectives and should not be construed as a comprehensive listing of all content in this examination.

EXAM ACCREDITATION
CompTIA Security+ is accredited by ANSI to show compliance with the ISO 17024 Standard and, as such, the exam objectives undergo regular reviews and updates.

EXAM DEVELOPMENT
CompTIA exams result from subject matter expert workshops and industry-wide survey results regarding the skills and knowledge required of an IT professional.

TEST DETAILS
Required exam: CompTIA Security+ SY0-401
Number of questions: Maximum of 90
Types of questions: Multiple choice and performance-based
Length of test: 90 minutes
Recommended experience: At least two years of experience in IT administration with a focus on security
Passing score: 750 (on a scale of 100–900)

EXAM OBJECTIVES (DOMAINS)
The table below lists the domains measured by this examination and the extent to which they are represented:

DOMAIN                                       PERCENTAGE OF EXAMINATION
1.0 Network Security                         20%
2.0 Compliance and Operational Security      18%
3.0 Threats and Vulnerabilities              20%
4.0 Application, Data and Host Security      15%
5.0 Access Control and Identity Management   15%
6.0 Cryptography                             12%
Total                                        100%

    1.0 Network Security

    1.1

    Implement security configuration parameters on network devices and other technologies.
    • Firewalls
    • Routers
    • Switches
    • Load balancers
    • Proxies
    • Web security gateways
    • VPN concentrators
    • NIDS and NIPS
      • Behavior-based
      • Signature-based
      • Anomaly-based
      • Heuristic
    • Protocol analyzers
    • Spam filter
    • UTM security appliances
      • URL filter
      • Content inspection
      • Malware inspection
    • Web application firewall vs. network firewall
    • Application aware devices
      • Firewalls
      • IPS
      • IDS
      • Proxies

        1.2

        Given a scenario, use secure network administration principles.
    • Rule-based management
    • Firewall rules
    • VLAN management
    • Secure router configuration
    • Access control lists
    • Port security
      • 802.1x
    • Flood guards
    • Loop protection
    • Implicit deny
    • Network separation
    • Log analysis
    • Unified threat management

      1.3

      Explain network design elements and components.
    • DMZ
    • Subnetting
    • VLAN
    • NAT
    • Remote access
    • Telephony
    • NAC
    • Virtualization
    • Cloud computing
      • PaaS
      • SaaS
      • IaaS
      • Private
      • Public
      • Hybrid
      • Community
    • Layered security/defense in depth

      1.4

      Given a scenario, implement common protocols and services.
    • Protocols
      • IPSec
      • SNMP
      • SSH
      • DNS
      • TLS
      • SSL
      • TCP/IP
      • FTPS
      • HTTPS
      • SCP
      • ICMP
      • IPv4
      • IPv6
      • iSCSI
      • Fibre Channel
      • FCoE
      • FTP
      • SFTP
      • TFTP
      • TELNET
      • HTTP
      • NetBIOS
    • Ports
      - 21
      - 22
      - 25
      - 53
      - 80
      - 110
      - 139
      - 143
      - 443
      - 3389
    • OSI relevance

      1.5

      Given a scenario, troubleshoot security issues related to wireless networking.
    • WPA
    • WPA2
    • WEP
    • EAP
    • PEAP
    • LEAP
    • MAC filter
    • Disable SSID broadcast
    • TKIP
    • CCMP
    • Antenna placement
    • Power level controls
    • Captive portals
    • Antenna types
    • Site surveys
    • VPN (over open wireless)

2.0 Compliance and Operational Security

      2.1

      Explain the importance of risk related concepts.
    • Control types
      • Technical
      • Management
      • Operational
    • False positives
    • False negatives
    • Importance of policies in reducing risk
      • Privacy policy
      • Acceptable use
      • Security policy
      • Mandatory vacations
      • Job rotation
      • Separation of duties
      • Least privilege
    • Risk calculation
      • Likelihood
      • ALE
      • Impact
      • SLE
      • ARO
      • MTTR
      • MTTF
      • MTBF
    • Quantitative vs. qualitative
    • Vulnerabilities
    • Threat vectors
    • Probability/threat likelihood
    • Risk avoidance, transference, acceptance, mitigation, deterrence
    • Risks associated with cloud computing and virtualization
    • Recovery time objective and recovery point objective

      2.2

      Summarize the security implications of integrating systems and data with third parties.
    • On-boarding/off-boarding business partners
    • Social media networks and/or applications
    • Interoperability agreements
      • SLA
      • BPA
      • MOU
      • ISA
    • Privacy considerations
    • Risk awareness
    • Unauthorized data sharing
    • Data ownership
    • Data backups
    • Follow security policy and procedures
    • Review agreement requirements to verify compliance and performance standards

      2.3

      Given a scenario, implement appropriate risk mitigation strategies.
      • Change management
      • Incident management
      • User rights and permissions reviews
      • Perform routine audits
      • Enforce policies and procedures to prevent data loss or theft
      • Enforce technology controls
        • Data Loss Prevention (DLP)

      2.4

      Given a scenario, implement basic forensic procedures.
      • Order of volatility
      • Capture system image
      • Network traffic and logs
      • Capture video
      • Record time offset
      • Take hashes
      • Screenshots
      • Witnesses
      • Track man hours and expense
      • Chain of custody
      • Big Data analysis

        2.5

        Summarize common incident response procedures.
      • Preparation
      • Incident identification
      • Escalation and notification
      • Mitigation steps
      • Lessons learned
      • Reporting
      • Recovery/reconstitution procedures
      • First responder
      • Incident isolation
        • Quarantine
        • Device removal
      • Data breach
      • Damage and loss control

        2.6

        Explain the importance of security related awareness and training.
      • Security policy training and procedures
      • Role-based training
      • Personally identifiable information
      • Information classification
        • High
        • Medium
        • Low
        • Confidential
        • Private
        • Public
      • Data labeling, handling and disposal
      • Compliance with laws, best practices and standards
      • User habits
        • Password behaviors
        • Data handling
        • Clean desk policies
        • Prevent tailgating
        • Personally owned devices
      • New threats and new security trends/alerts
        • New viruses
        • Phishing attacks
        • Zero-day exploits
      • Use of social networking and P2P
      • Follow up and gather training metrics to validate compliance and security posture

        2.7

        Compare and contrast physical security and environmental controls.
      • Environmental controls
        • HVAC
        • Fire suppression
        • EMI shielding
        • Hot and cold aisles
        • Environmental monitoring
        • Temperature and humidity controls
      • Physical security
        • Hardware locks
        • Mantraps
        • Video surveillance
        • Fencing
        • Proximity readers
        • Access list
        • Proper lighting
        • Signs
        • Guards
        • Barricades
        • Biometrics
        • Protected distribution (cabling)
        • Alarms
        • Motion detection
      • Control types
        • Deterrent
        • Preventive
        • Detective
        • Compensating
        • Technical
        • Administrative

      2.8

      Summarize risk management best practices.
      • Business continuity concepts
        • Business impact analysis
        • Identification of critical systems and components
        • Removing single points of failure
        • Business continuity planning and testing
        • Risk assessment
        • Continuity of operations
        • Disaster recovery
        • IT contingency planning
        • Succession planning
        • High availability
        • Redundancy
        • Tabletop exercises
      • Fault tolerance
        • Hardware
        • RAID
        • Clustering
        • Load balancing
        • Servers
      • Disaster recovery concepts
        • Backup plans/policies
        • Backup execution/frequency
        • Cold site
        • Hot site
        • Warm site

          2.9

          Given a scenario, select the appropriate control to meet the goals of security.
      • Confidentiality
        • Encryption
        • Access controls
        • Steganography
      • Integrity
        • Hashing
        • Digital signatures
        • Certificates
        • Non-repudiation
      • Availability
        • Redundancy
        • Fault tolerance
        • Patching
      • Safety
        • Fencing
        • Lighting
        • Locks
        • CCTV
        • Escape plans
        • Drills
        • Escape routes
        • Testing controls

3.0 Threats and Vulnerabilities

            3.1

            Explain types of malware.
      • Adware
      • Virus
      • Spyware
      • Trojan
      • Rootkits
      • Backdoors
      • Logic bomb
      • Botnets
      • Ransomware
      • Polymorphic malware
      • Armored virus

        3.2

        Summarize various types of attacks.
      • Man-in-the-middle
      • DDoS
      • DoS
      • Replay
      • Smurf attack
      • Spoofing
      • Spam
      • Phishing
      • Spim
      • Vishing
      • Spear phishing
      • Xmas attack
      • Pharming
      • Privilege escalation
      • Malicious insider threat
      • DNS poisoning and ARP poisoning
      • Transitive access
      • Client-side attacks
      • Password attacks
        • Brute force
        • Dictionary attacks
        • Hybrid
        • Birthday attacks
        • Rainbow tables
      • Typo squatting/URL hijacking
      • Watering hole attack

        3.3

        Summarize social engineering attacks and the associated effectiveness with each attack.
      • Shoulder surfing
      • Dumpster diving
      • Tailgating
      • Impersonation
      • Hoaxes
      • Whaling
      • Vishing
      • Principles (reasons for effectiveness)
        • Authority
        • Intimidation
        • Consensus/social proof
        • Scarcity
        • Urgency
        • Familiarity/liking
        • Trust

          3.4

          Explain types of wireless attacks.
      • Rogue access points
      • Jamming/interference
      • Evil twin
      • War driving
      • Bluejacking
      • Bluesnarfing
      • War chalking
      • IV attack
      • Packet sniffing
      • Near field communication
      • Replay attacks
      • WEP/WPA attacks
      • WPS attacks

3.5

Explain types of application attacks.
    • Cross-site scripting
    • SQL injection
    • LDAP injection
    • XML injection
    • Directory traversal/command injection
    • Buffer overflow
    • Integer overflow
    • Zero-day
    • Cookies and attachments
    • Locally Shared Objects (LSOs)
    • Flash cookies
    • Malicious add-ons
    • Session hijacking
    • Header manipulation
    • Arbitrary code execution/remote code execution

      3.6

      Analyze a scenario and select the appropriate type of mitigation and deterrent techniques.
    • Monitoring system logs
      • Event logs
      • Audit logs
      • Security logs
      • Access logs
    • Hardening
      • Disabling unnecessary services
      • Protecting management interfaces and applications
      • Password protection
      • Disabling unnecessary accounts
    • Network security
      • MAC limiting and filtering
        - 802.1x
      • Disabling unused interfaces and unused application service ports
      • Rogue machine detection
    • Security posture
      • Initial baseline configuration
      • Continuous security monitoring
      • Remediation
    • Reporting
      • Alarms
      • Alerts
      • Trends
    • Detection controls vs. prevention controls
      • IDS vs. IPS
      • Camera vs. guard

        3.7

        Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities.
        • Interpret results of security assessment tools
        • Tools
          • Protocol analyzer
          • Vulnerability scanner
          • Honeypots
          • Honeynets
          • Port scanner
          • Passive vs. active tools
          • Banner grabbing
        • Risk calculations
          • Threat vs. likelihood
        • Assessment types
          • Risk
          • Threat
          • Vulnerability
        • Assessment technique
          • Baseline reporting
          • Code review
          • Determine attack surface
          • Review architecture
          • Review designs

            3.8

            Explain the proper use of penetration testing versus vulnerability scanning.
        • Penetration testing
          • Verify a threat exists
          • Bypass security controls
          • Actively test security controls
          • Exploiting vulnerabilities
        • Vulnerability scanning
          • Passively testing security controls
          • Identify vulnerability
          • Identify lack of security controls
          • Identify common misconfigurations
          • Intrusive vs. non-intrusive
          • Credentialed vs. non-credentialed
          • False positive
        • Black box
        • White box
        • Gray box

4.0 Application, Data and Host Security

          4.1

          Explain the importance of application security controls and techniques.
        • Fuzzing
        • Secure coding concepts
          • Error and exception handling
          • Input validation
        • Cross-site scripting prevention
        • Cross-site Request Forgery (XSRF) prevention
        • Application configuration baseline (proper settings)
        • Application hardening
        • Application patch management
        • NoSQL databases vs. SQL databases
        • Server-side vs. client-side validation

          4.2

          Summarize mobile security concepts and technologies.
        • Device security
          • Full device encryption
          • Remote wiping
          • Lockout
          • Screen locks
          • GPS
          • Application control
          • Storage segmentation
          • Asset tracking
          • Inventory control
          • Mobile device management
          • Device access control
          • Removable storage
          • Disabling unused features
        • Application security
          • Key management
          • Credential management
          • Authentication
          • Geo-tagging
          • Encryption
          • Application whitelisting
          • Transitive trust/authentication
        • BYOD concerns
          • Data ownership
          • Support ownership
          • Patch management
          • Antivirus management
          • Forensics
          • Privacy
          • On-boarding/off-boarding
          • Adherence to corporate policies
          • User acceptance
          • Architecture/infrastructure considerations
          • Legal concerns
          • Acceptable use policy
          • On-board camera/video

            4.3

            Given a scenario, select the appropriate solution to establish host security.
        • Operating system security and settings
        • OS hardening
        • Anti-malware
          • Antivirus
          • Anti-spam
          • Anti-spyware
          • Pop-up blockers
        • Patch management
        • Whitelisting vs. blacklisting applications
    • Trusted OS
    • Host-based firewalls
    • Host-based intrusion detection
    • Hardware security
      • Cable locks
      • Safe
      • Locking cabinets
    • Host software baselining
    • Virtualization
      • Snapshots
      • Patch compatibility
      • Host availability/elasticity
      • Security control testing
      • Sandboxing

        4.4

        Implement the appropriate controls to ensure data security.
    • Cloud storage
    • SAN
    • Handling Big Data
    • Data encryption
      • Full disk
      • Database
      • Individual files
      • Removable media
      • Mobile devices
    • Hardware-based encryption devices
      • TPM
      • HSM
      • USB encryption
      • Hard drive
    • Data in transit, data at rest, data in use
    • Permissions/ACL
    • Data policies
      • Wiping
      • Disposing
      • Retention
      • Storage

    4.5 Compare and contrast alternative methods to mitigate security risks in static environments.
    • Environments
      • SCADA
      • Embedded (printer, smart TV, HVAC control)
      • Android
      • iOS
      • Mainframe
      • Game consoles
      • In-vehicle computing systems
    • Methods
      • Network segmentation
      • Security layers
      • Application firewalls
      • Manual updates
      • Firmware version control
      • Wrappers
      • Control redundancy and diversity

    5.0 Access Control and Identity Management

    5.1 Compare and contrast the function and purpose of authentication services.
    • RADIUS
    • TACACS+
    • Kerberos
    • LDAP
    • XTACACS
    • SAML
    • Secure LDAP

    5.2 Given a scenario, select the appropriate authentication, authorization or access control.
    • Identification vs. authentication vs. authorization
    • Authorization
      • Least privilege
      • Separation of duties
      • ACLs
      • Mandatory access
      • Discretionary access
      • Rule-based access control
      • Role-based access control
      • Time of day restrictions
    • Authentication
      • Tokens
      • Common access card
      • Smart card
      • Multifactor authentication
      • TOTP
      • HOTP
      • CHAP
      • PAP
      • Single sign-on
      • Access control
      • Implicit deny
      • Trusted OS
    • Authentication factors
      • Something you are
      • Something you have
      • Something you know
      • Somewhere you are
      • Something you do
    • Identification
      • Biometrics
      • Personal identification verification card
      • Username
    • Federation
    • Transitive trust/authentication

    5.3 Install and configure security controls when performing account management, based on best practices.
    • Mitigate issues associated with users with multiple accounts/roles and/or shared accounts
    • Account policy enforcement
      • Credential management
      • Group policy
      • Password complexity
      • Expiration
      • Recovery
      • Disablement
      • Lockout
      • Password history
      • Password reuse
      • Password length
      • Generic account prohibition
    • Group-based privileges
    • User-assigned privileges
    • User access reviews
    • Continuous monitoring

    6.0 Cryptography

    6.1 Given a scenario, utilize general cryptography concepts.
    • Symmetric vs. asymmetric
    • Session keys
    • In-band vs. out-of-band key exchange
    • Fundamental differences and encryption methods
      • Block vs. stream
    • Transport encryption
    • Non-repudiation
    • Hashing
    • Key escrow
    • Steganography
    • Digital signatures
    • Use of proven technologies
    • Elliptic curve and quantum cryptography
    • Ephemeral key
    • Perfect forward secrecy

    6.2 Given a scenario, use appropriate cryptographic methods.
    • WEP vs. WPA/WPA2 and pre-shared key
    • MD5
    • SHA
    • RIPEMD
    • AES
    • DES
    • 3DES
    • HMAC
    • RSA
    • Diffie-Hellman
    • RC4
    • One-time pads
    • NTLM
    • NTLMv2
    • Blowfish
    • PGP/GPG
    • Twofish
    • DHE
    • ECDHE
    • CHAP
    • PAP
    • Comparative strengths and performance of algorithms
    • Use of algorithms/protocols with transport encryption
      • SSL
      • TLS
      • IPSec
      • SSH
      • HTTPS
    • Cipher suites
      • Strong vs. weak ciphers
    • Key stretching
      • PBKDF2
      • Bcrypt

    6.3 Given a scenario, use appropriate PKI, certificate management and associated components.
    • Certificate authorities and digital certificates
      • CA
      • CRLs
      • OCSP
      • CSR
    • PKI
    • Recovery agent
    • Public key
    • Private key
    • Registration
    • Key escrow
    • Trust models

    CompTIA Security+ Acronyms
    The following is a list of acronyms that appear on the CompTIA Security+ exam. Candidates are encouraged to review the complete list and attain a working knowledge of all listed acronyms as a part of a comprehensive exam preparation program.
    ACRONYM  SPELLED OUT
    3DES  Triple Digital Encryption Standard
    AAA  Authentication, Authorization and Accounting
    ACL  Access Control List
    AES  Advanced Encryption Standard
    AES256  Advanced Encryption Standards 256-bit
    AH  Authentication Header
    ALE  Annualized Loss Expectancy
    AP  Access Point
    API  Application Programming Interface
    APT  Advanced Persistent Threat
    ARO  Annualized Rate of Occurrence
    ARP  Address Resolution Protocol
    ASLR  Address Space Layout Randomization
    ASP  Application Service Provider
    AUP  Acceptable Use Policy
    AV  Antivirus
    BAC  Business Availability Center
    BCP  Business Continuity Planning
    BIA  Business Impact Analysis
    BIOS  Basic Input/Output System
    BPA  Business Partners Agreement
    BPDU  Bridge Protocol Data Unit
    BYOD  Bring Your Own Device
    CA  Certificate Authority
    CAC  Common Access Card
    CAN  Controller Area Network
    CAPTCHA  Completely Automated Public Turing test to tell Computers and Humans Apart
    CAR  Corrective Action Report
    CCMP  Counter-mode/CBC-MAC Protocol
    CCTV  Closed-Circuit Television
    CERT  Computer Emergency Response Team
    CFB  Cipher Feedback
    CHAP  Challenge Handshake Authentication Protocol
    CIO  Chief Information Officer
    CIRT  Computer Incident Response Team
    CMS  Content Management System
    COOP  Continuity Of Operation Planning
    CP  Contingency Planning
    CRC  Cyclical Redundancy Check
    CRL  Certificate Revocation List
    CRM  Customer Relationship Management
    CSO  Chief Security Officer
    CSP  Cloud Service Provider
    CSR  Certificate Signing Request
    CSRF  Cross-Site Request Forgery
    CSU  Channel Service Unit
    CTO  Chief Technology Officer
    DAC  Discretionary Access Control
    DBA  Database Administrator
    DDoS  Distributed Denial of Service
    DEP  Data Execution Prevention
    DES  Digital Encryption Standard
    DHCP  Dynamic Host Configuration Protocol
    DHE  Data-Handling Electronics
    DHE  Diffie-Hellman Ephemeral
    DLL  Dynamic Link Library
    DLP  Data Loss Prevention
    DMZ  Demilitarized Zone
    DNAT  Destination Network Address Transaction
    DNS  Domain Name Service (Server)
    DoS  Denial of Service
    DRP  Disaster Recovery Plan
    DSA  Digital Signature Algorithm
    DSL  Digital Subscriber Line
    DSU  Data Service Unit
    EAP  Extensible Authentication Protocol
    ECC  Elliptic Curve Cryptography
    ECDHE  Elliptic Curve Diffie-Hellman Exchange
    ECDSA  Elliptic Curve Digital Signature Algorithm
    EFS  Encrypted File System
    EMI  Electromagnetic Interference
    ERP  Enterprise Resource Planning
    ESN  Electronic Serial Number
    ESP  Encapsulated Security Payload
    FACL  File system Access Control List
    FDE  Full Disk Encryption
    FQDN  Fully Qualified Domain Name
    FRR  False Rejection Rate
    FTP  File Transfer Protocol
    FTPS  Secured File Transfer Protocol
    GCM  Galois Counter Mode
    GPG  GNU Privacy Guard
    GPO  Group Policy Object
    GPS  Global Positioning System
    GPU  Graphic Processing Unit
    GRE  Generic Routing Encapsulation
    HA  High Availability
    HDD  Hard Disk Drive
    HIDS  Host-based Intrusion Detection System
    HIPS  Host-based Intrusion Prevention System
    HMAC  Hashed Message Authentication Code
    HOTP  HMAC-based One Time Password
    HSM  Hardware Security Module
    HSRP  Hot Standby Router Protocol
    HTML  Hypertext Markup Language
    HTTP  Hypertext Transfer Protocol
    HTTPS  Hypertext Transfer Protocol over SSL
    HVAC  Heating, Ventilation and Air Conditioning
    IaaS  Infrastructure as a Service
    ICMP  Internet Control Message Protocol
    ICS  Industrial Control Systems
    ID  Identification
    IDEA  International Data Encryption Algorithm
    IDF  Intermediate Distribution Frame
    IdP  Identity Provider
    IDS  Intrusion Detection System
    IKE  Internet Key Exchange
    IM  Instant Messaging
    IMAP4  Internet Message Access Protocol v4
    IoT  Internet of Things
    IP  Internet Protocol
    IPSec  Internet Protocol Security
    IR  Incident Response
    IRC  Internet Relay Chat
    IRP  Incident Response Procedure
    ISA  Interconnection Security Agreement
    ISP  Internet Service Provider
    ISSO  Information Systems Security Officer
    ITCP  IT Contingency Plan
    IV  Initialization Vector
    JBOD  Just a Bunch Of Disks
    KDC  Key Distribution Center
    KEK  Key Encryption Key
    L2TP  Layer 2 Tunneling Protocol
    LAN  Local Area Network
    LDAP  Lightweight Directory Access Protocol
    LEAP  Lightweight Extensible Authentication Protocol
    MaaS  Monitoring as a Service
    MAC  Mandatory Access Control or Media Access Control
    MAC  Message Authentication Code
    MAN  Metropolitan Area Network
    MBR  Master Boot Record
    MD5  Message Digest 5
    MDF  Main Distribution Frame
    MITM  Man-In-The-Middle
    MOU  Memorandum Of Understanding
    MPLS  Multi-Protocol Layer Switch
    MSCHAP  Microsoft Challenge Handshake Authentication Protocol
    MTBF  Mean Time Between Failures
    MTTR  Mean Time To Recover
    MTTF  Mean Time To Failure
    MTU  Maximum Transmission Unit
    NAC  Network Access Control
    NAT  Network Address Translation
    NDA  Non-Disclosure Agreement
    NFC  Near Field Communication
    NIDS  Network-based Intrusion Detection System
    NIPS  Network-based Intrusion Prevention System
    NIST  National Institute of Standards and Technology
    NOS  Network Operating System
    NTFS  New Technology File System
    NTLM  New Technology LANMAN
    NTP  Network Time Protocol
    OAUTH  Open Authorization
    OCSP  Online Certificate Status Protocol
    OLA  Open License Agreement
    OS  Operating System
    OVAL  Open Vulnerability Assessment Language
    P2P  Peer to Peer
    PAC  Proxy Auto Configuration
    PAM  Pluggable Authentication Modules
    PAP  Password Authentication Protocol
    PAT  Port Address Translation
    PBKDF2  Password-Based Key Derivation Function 2
    PBX  Private Branch Exchange
    PCAP  Packet Capture
    PEAP  Protected Extensible Authentication Protocol
    PED  Personal Electronic Device
    PFS  Perfect Forward Secrecy
    PGP  Pretty Good Privacy
    PII  Personally Identifiable Information
    PIV  Personal Identity Verification
    PKI  Public Key Infrastructure
    POTS  Plain Old Telephone Service
    PPP  Point-to-Point Protocol
    PPTP  Point-to-Point Tunneling Protocol
    PSK  Pre-Shared Key
    PTZ  Pan-Tilt-Zoom
    RA  Recovery Agent
    RA  Registration Authority
    RAD  Rapid Application Development
    RADIUS  Remote Authentication Dial-In User Server
    RAID  Redundant Array of Inexpensive Disks
    RAS  Remote Access Server
    RBAC  Role-Based Access Control
    RBAC  Rule-Based Access Control
    RC4  RSA Variable Key Size Encryption Algorithm
    RDP  Remote Desktop Protocol
    RIPEMD  RACE Integrity Primitives Evaluation Message Digest
    ROI  Return On Investment
    RPO  Recovery Point Objective
    RSA  Rivest, Shamir and Adleman
    RTBH  Remote Triggered Black Hole
    RTO  Recovery Time Objective
    RTP  Real-time Transport Protocol
    S/MIME  Secure/Multipurpose Internet Mail Extensions
    SAML  Security Assertions Markup Language
    SaaS  Software as a Service
    SAN  Storage Area Network
    SCADA  System Control and Data Acquisition
    SCAP  Security Content Automation Protocol
    SCEP  Simple Certificate Enrollment Protocol
    SCSI  Small Computer System Interface
    SDLC  Software Development Life Cycle
    SDLM  Software Development Life Cycle Methodology
    SEH  Structured Exception Handler
    SHA  Secure Hashing Algorithm
    SFTP  Secured File Transfer Protocol
    SHTTP  Secure Hypertext Transfer Protocol
    SIEM  Security Information and Event Management
    SIM  Subscriber Identity Module
    SLA  Service Level Agreement
    SLE  Single Loss Expectancy
    SMS  Short Message Service
    SMTP  Simple Mail Transfer Protocol
    SMTPS  Simple Mail Transfer Protocol Secure
    SNMP  Simple Network Management Protocol
    SOAP  Simple Object Access Protocol
    SONET  Synchronous Optical Network Technologies
    SPIM  Spam over Internet Messaging
    SQL  Structured Query Language
    SSD  Solid State Drive
    SSH  Secure Shell
    SSL  Secure Sockets Layer
    SSO  Single Sign-On
    STP  Shielded Twisted Pair or Spanning Tree Protocol
    TACACS+  Terminal Access Controller Access Control System Plus
    TCP/IP  Transmission Control Protocol/Internet Protocol
    TFTP  Trivial File Transfer Protocol
    TGT  Ticket Granting Ticket
    TKIP  Temporal Key Integrity Protocol
    TLS  Transport Layer Security
    TOTP  Time-based One-Time Password
    TPM  Trusted Platform Module
    TSIG  Transaction Signature
    UAT  User Acceptance Testing
    UEFI  Unified Extensible Firmware Interface
    UDP  User Datagram Protocol
    UPS  Uninterruptible Power Supply
    URI  Uniform Resource Identifier
    URL  Universal Resource Locator
    USB  Universal Serial Bus
    UTM  Unified Threat Management
    UTP  Unshielded Twisted Pair
    VDI  Virtualization Desktop Infrastructure
    VLAN  Virtual Local Area Network
    VLSM  Variable Length Subnet Masking
    VM  Virtual Machine
    VoIP  Voice over IP
    VPN  Virtual Private Network
    VTC  Video Teleconferencing
    WAF  Web-Application Firewall
    WAP  Wireless Access Point
    WEP  Wired Equivalent Privacy
    WIDS  Wireless Intrusion Detection System
    WIPS  Wireless Intrusion Prevention System
    WPA  WiFi Protected Access
    WPA2  WiFi Protected Access 2
    WPS  WiFi Protected Setup
    WTLS  Wireless TLS
    XML  Extensible Markup Language
    XSRF  Cross-Site Request Forgery
    XSS  Cross-Site Scripting

    Security+ Proposed Hardware and Software List
    CompTIA has included this sample list of hardware and software to assist candidates as they prepare for the Security+ exam. This list may also be helpful for training companies who wish to create a lab component to their training offering. The bulleted lists below each topic are a sample list and not exhaustive.

    EQUIPMENT

    • Router
    • Firewall
    • Access point
    • Switch
    • IDS/IPS
    • Server
    • Content filter
    • Client
    • Mobile device
    • VPN concentrator
    • All-in-one appliance
    • Enterprise security managers/SIEM suite
    • Load balancer

    SPARE PARTS/HARDWARE

    • Keyboards, mice
    • Network cables
    • Monitors

    TOOLS

    • WiFi analyzers

    SOFTWARE

    • BackTrack
    • Proxy server
    • Kali/BackTrack
    • Virtualization software
    • Virtualized appliances
    • Wireshark
    • TCPdump
    • NMAP
    • OpenVAS
    • Metasploit
    • Back Orifice
    • Cain & Abel
    • John the Ripper
    • pfSense
    • Security Onion
    • Roo
    • Any UTM

    OTHER

    • SourceForge

    © 2016 CompTIA Properties, LLC, used under license by CompTIA Certifications, LLC. All rights reserved. All certification programs and education related to such programs are operated exclusively by CompTIA Certifications, LLC. CompTIA is a registered trademark of CompTIA Properties, LLC in the U.S. and internationally. Other brands and company names mentioned herein may be trademarks or service marks of CompTIA Properties, LLC or of their respective owners. Reproduction or dissemination prohibited without written consent of CompTIA Properties, LLC. Printed in the U.S. 01754-Feb2016